<?php
/*
	token => info
	username => token

*/
require_once("Response.php");
class Admin{
	public $link;
	public $response;
	public function __construct(){
		$this->response = new Response();
		$this->link = create_connection();
	}

	public function login(){
		if(isset($_POST['data'])){
			$data = $_POST['data'];
			$username = filter_sql($data['username']);
			$password = md5(filter_sql($data['password']));
			$sql = "select id from admin where usernm = '$username' and passwd = '$password'";
			// echo $sql;
			if($result = @execute_sql($this->link,'zhihu',$sql)){
				$row = mysqli_fetch_assoc($result);
				$id = $row['id'];
				$token = md5($username.$id.'salt_');
				$time = time()+180000;
				$sql = "insert into user_token(user_id,user_token,expire_time) 
				        values($id,'$token',$time)";
				// echo $sql;
				@execute_sql($this->link,'zhihu',$sql);
				$last_login = date("Y-m-d H:i:s",time());
				$sql="update admin set last_login_time = '$last_login' where id=$id;";
				@execute_sql($this->link,'zhihu',$sql);
				$this->response->returnData(200,'success',["token"=>$token]);
			}else{
				$this->response->returnError();
			}
		}else {
			$this->response->returnError();
		}
	}

	public function logout(){
		$user_id = $this->checkToken();
		$last_login = date("Y-m-d H:i:s",time());
		$sql="update admin set last_login_time = '$last_login' where id=$user_id";
		@execute_sql($this->link,'zhihu',$sql);
		$result = $this->destroyToken($user_id);
		if($user_id && $result){
            $this->response->returnData(200,'success',$alert);
		}else{
			$this->response->returnError();
		}
	}

	public function checkToken(){
		if(isset($_POST['data'])){
			$data = $_POST['data'];
			$token = filter_sql($data['token']);
			$sql = "select user_id,expire_time from user_token where user_token='$token'";
			// echo $sql;
			if($result = @execute_sql($this->link,'zhihu',$sql)){
				$row = mysqli_fetch_assoc($result);
				$user_id = $row['user_id'];
				$expire_time = intval($row['expire_time']);
				if(time()>$expire_time){
					$this->destroyToken($user_id);
					return 0;
				}
			  	return $user_id;
			}else
				$this->response->returnError();
		}else{
			$this->response->returnError();
		}
	}
	public function getInfo(){
		$id = $this->checkToken();
		$sql = "select nickname as name,avatar,roles,introduction  from admin where id=$id";
		// echo $sql;
		if($id && $result = @execute_sql($this->link,'zhihu',$sql)){
			$row = mysqli_fetch_assoc($result);
			$alter = new UserInfo();//实例化对象;
			$alter->name = $row['name'];
			$alter->avatar = $row['avatar'];
			$alter->roles[] = $row['roles'];
			$alter->introduction = $row['introduction'];
			// var_dump($alter);
			$this->response->returnData(200,'success',$alter);
		}else{
			$this->response->returnError();
		}
	}
	public function destroyToken($user_id){
		$sql = "delete from user_token where user_id = $user_id";
		$result = @execute_sql($this->link,'zhihu',$sql);
		return $result;
	}
}
class UserInfo{
	public $name;
	public $avatar;
	public $roles;
	public $introduction;
}